This week I’ve been reading through the recent judgment from the Swedish FSA on the Swedbank outage. If you’re unfamiliar with this story, Swedbank had a major outage in April 2022 that was caused by an unapproved change to their IT systems. It temporarily left nearly a million customers with incorrect balances, many of whom were unable to meet payments.
After investigation, the regulator found that Swedbank had not followed its change management process and issued a SEK850M (~85M USD) fine. That’s a lot of money to you and me but probably didn’t impact their bottom line very much. Either way, I’m sure the whole episode will have been a big wake-up call for the people at the bank whose job it is to ensure adequate risk and change controls. So, what went wrong, and how could it have been avoided?
Read the original article: